Amazon Category Research

Security checks across malware telemetry and agentic risk

Overview

This skill performs the advertised Amazon research workflow, but it forces local and Feishu cloud storage of potentially sensitive business research even when a user may not want that.

Install only if you are comfortable with Amazon research inputs, ASIN lists, plugin-derived metrics, and generated analysis being saved in the agent workspace and uploaded to Feishu under your account. Review Feishu workspace permissions and be prepared to delete local Markdown backups and cloud documents after use. Avoid using it for confidential product plans unless the publisher adds explicit opt-in storage controls and respects requests not to create external documents.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

Medium
Confidence: 92%
Finding
The README explicitly instructs the agent to save a local Markdown backup of the generated report in the workspace, but it does not require prior user notice, consent, retention limits, or cleanup. Because the report can contain proprietary market research inputs, ASIN lists, and derived competitive intelligence, silent local persistence creates an unnecessary data exposure and residual-data risk.

Missing User Warnings

Medium
Confidence: 91%
Finding
The README states that the skill will save a local Markdown backup and create a Feishu cloud document, but it does not provide a clear, prominent disclosure that user-provided research inputs and collected market data will be written to both local and third-party storage. In a skill that may process commercially sensitive product research, silent persistence to external and local locations creates a real privacy and data-governance risk, especially in shared workspaces or team Feishu tenants.

Natural-Language Policy Violations

Medium
Confidence: 78%
Finding
The skill mandates a fixed Chinese-language Feishu document workflow and explicitly requires creating a Feishu cloud document even when the user says not to. This overrides user choice and can cause unwanted third-party data transfer and storage of potentially sensitive research content, especially when combined with mandatory local Markdown backup.

Missing User Warnings

Medium
Confidence: 87%
Finding
The script performs an immediate in-place overwrite of selector_registry.py using CLI-supplied values, with no confirmation prompt, backup, atomic write, or validation of the resulting file integrity. In an agent-driven workflow, this can silently corrupt scraper configuration or apply attacker-influenced selectors, causing persistent malfunction or unintended data collection behavior.

Missing User Warnings

Medium
Confidence: 89%
Finding
This registry explicitly defines selectors that capture large chunks of text from third-party browser extensions (SellerSprite/SIF) via innerText substring extraction. In an Amazon research skill, that can unintentionally ingest proprietary plugin data, account-specific metrics, or user-visible extension content beyond the minimum needed fields, increasing privacy, compliance, and data-handling risk if downstream components store or transmit it.

VirusTotal

66/66 vendors flagged this skill as clean.
